CN1318973C - Method and device for protecting external bus of CPU - Google Patents
Method and device for protecting external bus of CPU Download PDFInfo
- Publication number
- CN1318973C CN1318973C CNB2003101034191A CN200310103419A CN1318973C CN 1318973 C CN1318973 C CN 1318973C CN B2003101034191 A CNB2003101034191 A CN B2003101034191A CN 200310103419 A CN200310103419 A CN 200310103419A CN 1318973 C CN1318973 C CN 1318973C
- Authority
- CN
- China
- Prior art keywords
- cpu
- counter
- control chip
- control
- external bus
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Fee Related
Links
Landscapes
- Storage Device Security (AREA)
Abstract
The present invention discloses a method and a device for protecting the external bus of a CPU. The device comprises a control single board which is connected with the CPU, a control chip is arranged in the control single board, the control chip is connected with the CPU, and a counter is arranged at the CPU interface of the control chip. The CPU judges the size of the data to be written, judges corresponding read-write time for the control single board according to the size of the data to be written, and sets the initial value of the counter correspondingly, and the time from starting counting to overflowing, which is spent by the counter is larger than the read-write time of reading and writing the control single board, which is spent by the CPU; the counter starts counting, simultaneously, the counter outputs a level turnover, and opens a chip selection OE of the control chip on the control single board; the CPU sends out a read-write command to the control chip, and the control chip executes the read-write command; the counter finishes counting, outputs the level turnover, and closes the chip selection OE of the control chip on the control single board. The present invention can effectively protect the internal data of the control single board connected with the CPU through a bus, and improves the security performance of the system.
Description
Technical field:
The present invention relates to a kind of guard method and device of CPU external bus.
Background technology:
CPU (central processing unit) adopts the mode of memory bus interface to carry out to the control of peripheral hardware veneer basically, or PCI local bus interface such as (peripheral controller interfaces).But PCI (peripheral controller interface) implements the comparison difficulty with respect to memory interface, and complexity increases greatly, and performance is limited again simultaneously.Therefore in the veneer control mode system of embedded system, still based on memory interface, the application of PCI is more limited.
As shown in Figure 1, the external address control bus not only comprises address bus, also comprise the chip selection signal line that is used for gating external unit veneer, when the major function of veneer is CPU (central processing unit) when finishing, so whole veneer also resets together if CPU (central processing unit) crashes.But the major function of veneer is not that CPU (central processing unit) finishes sometimes, CPU (central processing unit) is just auxiliary to be calculated, and the execution configuration effort, CPU (central processing unit) crashes so should not influence the operate as normal of the main ASIC of this plate (special IC) controller when resetting.Such situation is such as the cross board of SDH (formatted data processing), cross matrix information in CPU (central processing unit) inner preservation of cross chips when resetting also keeps, CPU (central processing unit) also keeps the state machine information before crashing in NVRAM (non-volatile random access memory), therefore CPU (central processing unit) can't influence its interleaving function after resetting, only influence cross-over configuration during this period of time.But CPU (central processing unit) might send chaotic sequential on bus when deadlock resets, distribute data arbituarily, this just might influence the safety of outside important ASIC (special IC) controller internal data, therefore be necessary to be provided with a kind of security mechanism, when bus writes without basis data, influence the data of outside important ASIC (special IC) controller inside when preventing the CPU program fleet.
At the problems referred to above, general a kind of way is now, utilize an important sheet of trigger control to translate the output of sign indicating number selectively, when need be before important ASIC (special IC) controller reads and writes data, at first write the control trigger, order control trigger is turned to the state of ON, passes through with regard to the chip selection signal that allows this ASIC (special IC) controller like this.When the reading and writing data of ASIC (special IC) controller is finished, write the control trigger again, make its state that is turned into OFF, the sheet choosing output of this ASIC (special IC) controller is turn-offed.Such control mode has improved the security of ASIC (special IC) controller internal data greatly, has prevented data tampering unintentionally.But it also has a tangible leak, after CPU (central processing unit) has opened the control trigger, if the data to ASIC (special IC) controller do not have to have read and write under the situation about just crashing the state that the control trigger will be held open always.The no sequential signal that occurs on the bus when resetting as CPU (central processing unit) just might cause fatal infringement to the internal data of ASIC (special IC) controller like this, thereby has also reduced the reliability of total system.
Summary of the invention:
At the existing problem and shortage of guard method of above-mentioned CPU (central processing unit) external bus, the purpose of this invention is to provide the guard method and the device of a kind of more effective CPU (central processing unit) external bus.
The present invention is achieved in that the guard method of a kind of CPU (central processing unit) external bus, may further comprise the steps:
CPU (central processing unit) judges the size of desiring to read and write data, and judge in view of the above controlling the corresponding access time of veneer, and the corresponding initial value that counter is set, described counter from counting begin to the time of overflowing greater than the access time of CPU (central processing unit) to described control veneer;
Described counter begins counting, and output level overturns simultaneously, and selects OE (output starts) to open the sheet of the control chip on the described control veneer;
CPU (central processing unit) sends read write command to described control chip, and control chip is carried out this read write command;
Described rolling counters forward finishes, and output level upset selects OE (output starts) to close the sheet of the control chip on the described control veneer;
Further, said method is further comprising the steps of:
After described counter was once counted and finished, whether CPU (central processing unit) judgment data was read and write and is finished, if do not finish, reset the initial value of described counter, this initial value to the time of overflowing greater than overflowing the time last time.
Further, described counter is up counter or down counter.
The protective device of a kind of CPU (central processing unit) external bus, include the control veneer that is connected with CPU (central processing unit), comprise control chip in this control veneer, this control chip is connected with CPU (central processing unit) by CPU (central processing unit) external bus, and the CPU of described control chip (central processing unit) interface is provided with counter; The initial value of counter is set by CPU (central processing unit), count down to time of overflowing corresponding access time greater than control chip from initial value; When control chip was received the read write command of CPU (central processing unit), counter began counting, output level upset simultaneously, and the sheet of control chip selects OE (output starts) to open, and control chip is carried out read write command; After counter overflowed, output level overturn once more, and the sheet of control chip selects OE (output starts) to keep closing.
Further, described counter is up counter or down counter.
Further, the CPU of described control chip (central processing unit) interface is provided with counter, and the output of this counter is connected with the OE (output starts) of the sheet of described control chip choosing.
The present invention is by being provided with counter on CPU (central processing unit) interface of the control chip of controlling veneer, at CPU (central processing unit) when control chip sends read write command, judge the length that this desires to read and write data simultaneously, and calculate CPU (central processing unit) and normally read and write the time that these data need spend, and counter set corresponding initial value, this initial value specifically is to set like this: counter begins slightly to be longer than CPU (central processing unit) to the time of overflowing from counting and has has normally read and write the time that these data need spend; Counter begins counting after being set initial value, and output level is turned to ON simultaneously, and selects OE (output starts) to open the sheet of control chip, and CPU (central processing unit) sends read write command simultaneously, and control chip is carried out this read write command; Counter overflows the back output level and is turned to OFF, selects OE (output starts) to close the sheet of described control chip; Whether CPU (central processing unit) judgment data is read and write and is finished, if do not finish, reset the initial value of described counter, make this initial value to the time of overflowing greater than overflowing the time last time, counter restarts counting, and CPU (central processing unit) reads and writes these data again.Like this, can protect the internal data of the control veneer that is connected by bus with CPU (central processing unit) effectively, even on bus, send chaotic sequential when resetting or distribute data arbituarily in CPU (central processing unit) deadlock suddenly, because counting after CPU (central processing unit) handles the read write command of controlling veneer, counter overflows, and the sheet that will control the control chip of veneer selects OE (output starts) to close, chaotic sequential and the data of distributing arbituarily can not have influence on the data with existing in the control chip, control chip is by existing data fill order, like this, whole one-tenth system is just more stable; Even CPU (central processing unit) is not is not reading and writing just deadlock of data, because the initial value that counter is composed is less relatively to overflow value, overflow at the cpu reset hour counter, and the sheet of control chip has been selected OE (output starts) to close, do not affect the internal data of control chip equally; This has promoted the security performance of system greatly.
Description of drawings:
Below in conjunction with accompanying drawing, the present invention is made detailed description.
Fig. 1 is the CPU control structure synoptic diagram of prior art;
Fig. 2 is an of the present invention choosing output control principle;
Fig. 3 counter works schematic diagram of the present invention.
Embodiment:
The present invention is achieved in that CPU (central processing unit) judges the size of desiring to read and write data, and judge in view of the above controlling the corresponding access time of veneer, and the corresponding initial value that counter is set, counter from counting begin to the time of overflowing greater than the access time of CPU (central processing unit) to the control veneer; Counter begins counting, output level upset simultaneously, and the sheet that will control the control chip on the veneer selects OE (output starts) unlatching; CPU (central processing unit) sends read write command to control chip, and control chip is carried out this read write command; Rolling counters forward finishes, and the output level upset selects OE (output starts) to close the sheet of controlling the control chip on the veneer;
After counter was once counted and finished, whether CPU (central processing unit) judgment data was read and write and is finished, if do not finish, reset the initial value of counter, this initial value to the time of overflowing greater than overflowing the time last time.
Realization the inventive system comprises the control veneer that is connected with CPU (central processing unit), comprise control chip in this control veneer, this control chip is connected with CPU (central processing unit) by CPU (central processing unit) external bus, and the CPU of control chip (central processing unit) interface is provided with counter; The initial value of counter is set by CPU (central processing unit), count down to time of overflowing corresponding access time greater than control chip from initial value; When control chip was received the read write command of CPU (central processing unit), counter began counting, output level upset simultaneously, and the sheet of control chip selects OE (output starts) to open, and control chip is carried out read write command; After counter overflowed, output level overturn once more, and the sheet of control chip selects OE (output starts) to keep closing.
The Core Feature of control veneer is that asic chip is finished by certain configurable control chip, and this asic chip inside has a large amount of configuration registers to control the business of this asic chip, and this asic chip does not need the participation of CPU during operate as normal.When traffic profile change, CPU carries out business configuration by the cpu i/f of this asic chip to asic chip, and the method for configuration is to revise the content of configuration register.As shown in Figure 2, after CPU judges the size desire to read and write data, set the initial value of control counter, this initial value to the time of overflowing should be greater than CPU to controlling the access time of veneer; Because the configuration amount to asic chip might be bigger, therefore the maximum count time of setting counter is 2 milliseconds, its counting principle as shown in Figure 3, CPU can only could carry out read-write operation to asic chip when the counting low level, be above-mentioned to the asic chip business configuration, when the counter output low level, i.e. sheet choosing with asic chip has had pressure reduction, also promptly is equivalent to select OE to open the sheet of asic chip; Counter is just exported high level after counting is finished, and the sheet that promptly has been equivalent to close asic chip selects OE, and CPU just can not operate it, like this, has just protected the asic chip internal data not influenced by CPU effectively.Even CPU crashes suddenly in the rolling counters forward process, but when CPU was restarted, counter was counted already and is finished, and promptly the sheet of asic chip selects OE to close already, even invalid data is arranged, also can not have influence on asic chip.
When the maximum count time of setting was not enough, when promptly not finishing the business configuration to asic chip, CPU can prolong the read-write permission time by the counting initial value of resetting, and finishes up to configuration.
Here, counter is up counter or down counter.
Claims (6)
1. the guard method of a CPU external bus may further comprise the steps:
CPU judges the size desire to read and write data, and judges the corresponding access time to the control veneer in view of the above, and the corresponding initial value that counter is set, described counter from counting begin to the time of overflowing greater than the access time of CPU to described control veneer;
Described counter begins counting, and the while output level overturns, and the sheet choosing output of the control chip on the described control veneer is started unlatching;
CPU sends read write command to described control chip, and control chip is carried out this read write command;
Described rolling counters forward finishes, and the sheet choosing output startup of the control chip on the described control veneer is closed in the output level upset;
2. the guard method of CPU external bus as claimed in claim 1 is characterized in that, this method is further comprising the steps of:
After described counter was once counted and finished, whether the CPU judgment data is read and write finished, if do not finish, reset the initial value of described counter, this initial value to the time of overflowing greater than overflowing the time last time.
3. the guard method of CPU external bus as claimed in claim 1 or 2 is characterized in that, described counter is up counter or down counter.
4. the protective device of a CPU external bus, include the control veneer that is connected with CPU, comprise control chip in this control veneer, this control chip is connected with CPU by the CPU external bus, it is characterized in that the cpu i/f of described control chip is provided with counter; The initial value of counter is set by CPU, count down to time of overflowing corresponding access time greater than control chip from initial value; When control chip was received the read write command of CPU, counter began counting, output level upset simultaneously, and the sheet choosing output of control chip starts opens, and control chip is carried out read write command; After counter overflowed, output level overturn once more, and the sheet choosing output of control chip starts maintenance and closes.
5. the protective device of CPU external bus as claimed in claim 4 is characterized in that, described counter is up counter or down counter.
6. the protective device of CPU external bus as claimed in claim 4 is characterized in that, the cpu i/f of described control chip is provided with counter, and the output of this counter is connected with the output startup of the sheet of described control chip choosing.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CNB2003101034191A CN1318973C (en) | 2003-10-31 | 2003-10-31 | Method and device for protecting external bus of CPU |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CNB2003101034191A CN1318973C (en) | 2003-10-31 | 2003-10-31 | Method and device for protecting external bus of CPU |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN1540512A CN1540512A (en) | 2004-10-27 |
| CN1318973C true CN1318973C (en) | 2007-05-30 |
Family
ID=34333289
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CNB2003101034191A Expired - Fee Related CN1318973C (en) | 2003-10-31 | 2003-10-31 | Method and device for protecting external bus of CPU |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN1318973C (en) |
Families Citing this family (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1877995A (en) * | 2006-01-24 | 2006-12-13 | 华为技术有限公司 | Method and apparatus for transmitting chip interface data |
| CN100386748C (en) * | 2006-04-04 | 2008-05-07 | 杭州华三通信技术有限公司 | Method and system for chip selecting of peripheral device in singe board computer |
| CN103761127B (en) * | 2014-01-08 | 2017-03-08 | 杭州华三通信技术有限公司 | A kind of device and method of loading CPLD chip |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| JPH10240395A (en) * | 1997-02-27 | 1998-09-11 | Mitsubishi Electric Corp | On-board type printed board |
| US5826007A (en) * | 1996-01-22 | 1998-10-20 | Kabushiki Kaisha Toshiba | Memory data protection circuit |
| JP2003199244A (en) * | 2001-12-25 | 2003-07-11 | Mitsubishi Electric Corp | Bus-bar protective relay |
-
2003
- 2003-10-31 CN CNB2003101034191A patent/CN1318973C/en not_active Expired - Fee Related
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US5826007A (en) * | 1996-01-22 | 1998-10-20 | Kabushiki Kaisha Toshiba | Memory data protection circuit |
| JPH10240395A (en) * | 1997-02-27 | 1998-09-11 | Mitsubishi Electric Corp | On-board type printed board |
| JP2003199244A (en) * | 2001-12-25 | 2003-07-11 | Mitsubishi Electric Corp | Bus-bar protective relay |
Also Published As
| Publication number | Publication date |
|---|---|
| CN1540512A (en) | 2004-10-27 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US4388695A (en) | Hardware memory write lock circuit | |
| JP2788590B2 (en) | Memory protection device and address generation method | |
| EP2013809B1 (en) | Method and apparatus for secure context switching in a system including a processor and cached virtual memory | |
| US6883069B2 (en) | Cache control device and manufacturing method thereof | |
| US7032081B1 (en) | System and method for enabling non-volatile memory to execute code while operating as a data storage/processing device | |
| US5559992A (en) | Apparatus and method for protecting data in a memory address range | |
| KR100196045B1 (en) | Reset circuit of electronic device | |
| US6175930B1 (en) | Demand based sync bus operation | |
| US20060214009A1 (en) | Nonvolatile storage apparatus | |
| WO1998030958A1 (en) | Secure multiple application ic card system | |
| EP2225652B1 (en) | Read status controller | |
| US5276844A (en) | Protection system for critical memory information | |
| US5668973A (en) | Protection system for critical memory information | |
| KR102656509B1 (en) | Improved durability for systems on chips (SOCs) | |
| US4742469A (en) | Electronic meter circuitry | |
| EP1217502B1 (en) | Data processor having instruction cache with low power consumption | |
| US20120233499A1 (en) | Device for Improving the Fault Tolerance of a Processor | |
| CN1318973C (en) | Method and device for protecting external bus of CPU | |
| CN2651841Y (en) | Protector of CPU external bus | |
| US8819449B2 (en) | Event counter in a system adapted to the JavaCard language | |
| US20020188810A1 (en) | Cache memory control apparaus and processor | |
| CN105824577B (en) | It is a kind of to optimize the method and system wiped safely | |
| US5438519A (en) | Electronic postage meter having memory write access second chance hard timer means | |
| JPH0934795A (en) | Copy protection method for cpu program | |
| GB2385956A (en) | key based register locking system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| ASS | Succession or assignment of patent right |
Owner name: HUAWEI TECHNOLOGY CO., LTD. Free format text: FORMER OWNER: GANGWAN NETWORK CO., LTD. Effective date: 20060922 |
|
| C41 | Transfer of patent application or patent right or utility model | ||
| TA01 | Transfer of patent application right |
Effective date of registration: 20060922 Address after: 518129 Bantian HUAWEI headquarters office building, Longgang District, Guangdong, Shenzhen Applicant after: Huawei Technologies Co., Ltd. Address before: 100089, No. 21 West Third Ring Road, Beijing, Haidian District, Long Ling Building, 13 floor Applicant before: Harbour Networks Holdings Limited |
|
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20070530 Termination date: 20151031 |
|
| EXPY | Termination of patent right or utility model |